Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258151	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1295	2010-07-20 18:08	2010-06-29	Show	GitHub Exploit DB Packet Storm

258152	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-20 CWE-399	CVE-2010-1285	2010-07-20 18:08	2010-06-29	Show	GitHub Exploit DB Packet Storm

258153	4.7	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux Kernel の gfs2_lock または gfs_lock 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-0727	2010-07-20 18:02	2010-03-16	Show	GitHub Exploit DB Packet Storm

258154	4.3	警告	サン・マイクロシステムズサイバートラスト株式会社 Pango.org レッドハット	-	Pango の hb_ot_layout_build_glyph_classes 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2010-0421	2010-07-20 18:01	2010-03-15	Show	GitHub Exploit DB Packet Storm

258155	4	警告	Samba Project アップルサイバートラスト株式会社サン・マイクロシステムズターボリナックスレッドハット	-	Samba の smbd におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-2906	2010-07-20 18:01	2009-10-7	Show	GitHub Exploit DB Packet Storm

258156	1.9	注意	レッドハットサイバートラスト株式会社ターボリナックス Samba Project	-	Samba の mount.cifs における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2948	2010-07-20 18:01	2009-10-7	Show	GitHub Exploit DB Packet Storm

258157	6	警告	Samba Project アップルサイバートラスト株式会社サン・マイクロシステムズターボリナックスヒューレット・パッカードレッドハット	-	Apple Mac OS の SMB サブシステムにおけるファイル共有の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2813	2010-07-20 18:01	2009-09-10	Show	GitHub Exploit DB Packet Storm

258158	5	警告	S2 Security	-	S2 Netbox に脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2466	2010-07-16 18:41	2010-06-28	Show	GitHub Exploit DB Packet Storm

258159	4.3	警告	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイスの WebVPN における CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2008-7257	2010-07-16 18:41	2010-06-29	Show	GitHub Exploit DB Packet Storm

258160	7.5	危険	IBM	-	z/OS 上で稼働する IBM WebSphere Application Server における link インジェクションの脆弱性	CWE-noinfo 情報不足	CVE-2010-2324	2010-07-16 18:40	2010-06-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
6461	6.5	MEDIUM Network	mongodb	mongodb	Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilizatio…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-8202	2026-05-18 21:55	2026-05-13	Show	GitHub Exploit DB Packet Storm

6462	6.5	MEDIUM Network	mongodb	mongodb	After invoking $_internalJsEmit, which is not intended to be directly accessible, or mapreduce command’s map function in a certain way, an authenticated user can subsequently crash mongod when the se…	CWE-416 Use After Free	CVE-2026-8336	2026-05-18 21:54	2026-05-13	Show	GitHub Exploit DB Packet Storm

6463	7.5	HIGH Network	netty	netty	Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final, when decoding header blocks, the non-Huffman branch of io.netty.handler.codec.http3.QpackDecoder#decodeHuf…	CWE-770 CWE-789 Allocation of Resources Without Limits or Throttling Memory Allocation with Excessive Size Value	CVE-2026-42582	2026-05-18 21:54	2026-05-14	Show	GitHub Exploit DB Packet Storm

6464	7.5	HIGH Network	netty	netty	Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explici…	CWE-113 HTTP Response Splitting	CVE-2026-42578	2026-05-18 21:54	2026-05-14	Show	GitHub Exploit DB Packet Storm

6465	7.5	HIGH Network	netty	netty	Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty incorrectly parses malformed Transfer-Encoding, enabling request smuggling attacks…	CWE-444 HTTP Request Smuggling	CVE-2026-42585	2026-05-18 21:24	2026-05-14	Show	GitHub Exploit DB Packet Storm

6466	7.5	HIGH Network	netty	netty	Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a ByteBuf of size decompressedLength (up to 32 MB per block) b…	CWE-400 CWE-770 Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling	CVE-2026-42583	2026-05-18 21:22	2026-05-14	Show	GitHub Exploit DB Packet Storm

6467	7.5	HIGH Network	netty	netty	Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer …	CWE-400 Uncontrolled Resource Consumption	CVE-2026-42587	2026-05-18 21:20	2026-05-14	Show	GitHub Exploit DB Packet Storm

6468	9.4	CRITICAL Network	thecodingmachine	gotenberg	Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, the default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is r…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42596	2026-05-18 21:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

6469	3.7	LOW Network	-	-	A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee Login. This manipulation cau…	CWE-327 CWE-328 Use of a Broken or Risky Cryptographic Algorithm Use of Weak Hash	CVE-2026-8803	2026-05-18 21:16	2026-05-18	Show	GitHub Exploit DB Packet Storm

6470	-		-	-	Denial-of-service condition in M-Files Server versions before 26.5.16015.0, before 26.2 LTS, and before 25.8 LTS SR3 allows an authenticated user to cause the MFserver process to crash	CWE-1286 Improper Validation of Syntactic Correctness of Input	CVE-2026-0983	2026-05-18 21:16	2026-05-18	Show	GitHub Exploit DB Packet Storm